Simultaneous attacks breached CoinGecko, Etherscan, Quickswap and other sites

Around 10 PM (UTC) this Friday, it became known that several platforms related to cryptocurrencies suffered attacks of different types that could jeopardize the security of their users' information, and then perhaps their funds. The situation affected the pricing and statistics site CoinGecko, the Ethereum block explorer Etherscan and the decentralized exchange (DEX) QuickSwap.

Apparently, no attacks or vulnerabilities have yet been reported in other recent blockchains such as Solana, in some of the wallets such as Phantom or even in some blockchain bridges such as Zetrix.

In the case of CoinGecko and Etherscan, a phishing attack occurred through a pop-up notification when entering these portals. In the message, it asked to connect the MetaMask wallet to nftapes.win, a type of advertisement that is not normally displayed on these sites.

Both platforms reported that the original problem was related to Coinzilla, an advertising service used by these sites. In a post on its Twitter account, Coinzilla reported that the problem was caused by malicious code in an ad campaign that got through the site's automated security controls.

Although the affected platforms issued statements with further details on Twitter, neither admitted or denied that users lost funds as a result of the attack.